---------- Original Message ----------------------------------
From: "M. Burnett" <[EMAIL PROTECTED]>
Date: Tue, 15 Nov 2005 20:36:07 -0700
>Microsoft certainly cannot anticipate and test every possible configuration
>change that customers might make. The patches undergo a significant amount of
>testing and their careful patch testing and release plan is better than it has
>ever been. But was this a foreseeable scenario that should have been tested?
>Should they have anticipated ACL problems? I read in MSKB 909444 that
>"...Before Microsoft Security Bulletin MS05-051, explicit permissions to the
>COM+ catalog were not required." Reading that, I would suspect that if you
>make a change that requires explicit permissions that you should anticipate
>that anything besides the default permissions might cause problems. I think
>they could have anticipated issues here to have warranted a more detailed test
>plan and should not have relied so much on beta testing to have found any
>issues.
>
What was Microsoft's answer to the MS05-018 problem, the fix for it was not
permission related, and why the refusal to provide a new patch?
________________________________________________________________
Sent via the WebMail system at ninefamily.com
---------------------------------------------------------------------------
---------------------------------------------------------------------------
